From a73846717f5c884e0eef0b5591ff7ad374375a0b Mon Sep 17 00:00:00 2001
From: plegall <plg@piwigo.org>
Date: Fri, 2 Nov 2012 13:59:07 +0000
Subject: feature 2727: improve password security with the use of PasswordHash
 class. This class performs salt and multiple iterations. Already used in
 Wordpress, Drupal, phpBB and many other web applications.

$conf['pass_convert'] is replaced by $conf['password_hash'] + $conf['password_verify']


git-svn-id: http://piwigo.org/svn/trunk@18889 68402e56-0260-453c-a942-63ccdbb3a9ee
---
 password.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'password.php')

diff --git a/password.php b/password.php
index 845a00a3d..cae85cec0 100644
--- a/password.php
+++ b/password.php
@@ -221,7 +221,7 @@ function reset_password()
     
   single_update(
     USERS_TABLE,
-    array($conf['user_fields']['password'] => $conf['pass_convert']($_POST['use_new_pwd'])),
+    array($conf['user_fields']['password'] => $conf['password_hash']($_POST['use_new_pwd'])),
     array($conf['user_fields']['id'] => $user_id)
     );
 
-- 
cgit v1.2.3